Comments on: How to Write Simple but Sound Yara Rules – Part 3 https://www.nextron-systems.com/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/ We Detect Hackers Tue, 04 Oct 2022 16:13:03 +0000 hourly 1 By: Florian Roth https://www.nextron-systems.com/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/#comment-44 Tue, 31 Oct 2017 09:21:53 +0000 https://www.bsk-consulting.de/?p=1402#comment-44 In reply to Murad.

The default maximum file size is 10MB. Use the parameter “-fs 15” to process your file. (see the help)

]]> By: Murad https://www.nextron-systems.com/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/#comment-43 Tue, 31 Oct 2017 08:07:39 +0000 https://www.bsk-consulting.de/?p=1402#comment-43 Hi Florian,
I have tried yarGen but I have a case that it does not produce any rule for some malwares, I tried many compinations of paramaters however no use, the sample is Artemis: InstallBC201401.exe# MD5: caff801a280d42dbd1ad6b1266d3c43a# SHA1: 08b9f5874ad1dc3ee1093c9cd08737645f33f13f# SHA256: 834d1dbfab8330ea5f1844f6e905ed0ac19d1033ee9a9f1122ad2051c56783dc

]]>